Файл: admin.php
Строк: 812
<?php
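// Load the txtSQL database class. require_once stops the request at once if
// the file is missing, instead of continuing into an undefined-class error.
require_once("txtSQL.class.php");
// NOTE(review): "db" is presumably the txtSQL data directory. If it sits under
// the web root, confirm the web server refuses to serve files from it.
$db = new txtSQL("db");
// NOTE(review): the database login is hard-coded as "root" with an empty
// password. Give the account a real password and read it from a config file
// that is not reachable over HTTP.
$db->connect("root","");
$db->selectdb("siteman");
// Load the Siteman site class and create the object that the rest of this
// file uses for login state, settings and language strings.
require_once("siteman.class.php");
$Siteman = new Website("2.0.x1");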
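// Breadcrumb shown in the page header; later branches append to it.
$nav_links = "<a href=\"admin.php\" class=\"bright\"><big><b>Admin CP</b></big></a>";
// All rows of the modules table; also used to draw the sidebar.
$modulelist = $db->select(array("table" => "modules"));
$moduleinfo = array();
if (isset($_GET["module"])) {
    // The module name comes from the query string. Instead of pasting it into
    // a txtSQL where-clause and into HTML, match it exactly against the rows
    // of the modules table and use the stored row from then on.
    $requested_module = is_string($_GET["module"]) ? $_GET["module"] : "";
    if (is_array($modulelist)) {
        foreach ($modulelist as $module_row) {
            if (isset($module_row["name"]) && (string)$module_row["name"] === $requested_module) {
                $moduleinfo = array($module_row);
                break;
            }
        }
    }
    if (isset($moduleinfo[0])) {
        $do = "module";
        // urlencode() for the query string, htmlspecialchars() for the text node.
        $nav_links .= "<b> &gt;&gt; Modules &gt;&gt; </b><a href=\"admin.php?module=".urlencode($moduleinfo[0]["name"])."\" class=\"bright\"><b>" . htmlspecialchars($moduleinfo[0]["name"], ENT_QUOTES, "ISO-8859-1") . "</b></a>";
    }
    else {
        // Unknown module: show the start page rather than continuing with a
        // name that matches no row.
        $do = "default";
    }
    // Sub-action for the module's own admin page; "default" when absent.
    $mdo = (isset($_GET["mdo"]) && is_string($_GET["mdo"])) ? $_GET["mdo"] : "default";
}
else if (isset($_GET["do"]) && is_string($_GET["do"])) {
    // Only a plain string can match one of the switch cases below.
    $do = $_GET["do"];
}
else {
    $do = "default";
}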
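// Prints a table with four radio buttons named "level" (values 1 to 4), each
// followed by its label from the "levels" language file. The button whose
// value equals $level is pre-checked; the default 0 checks none.
function draw_levelbox($level = 0) {
    global $Siteman;
    $Siteman->load_lang("levels");
    // The attribute quotes are escaped so the string literals parse.
    echo "<table cellspacing=\"0\" cellpadding=\"1\">";
    for ($i = 1; $i <= 4; $i++) {
        $selected = ($level == $i) ? " checked " : " ";
        // A level without a translation prints an empty label instead of
        // raising an undefined-index notice.
        $label = isset($Siteman->lang[$i]) ? $Siteman->lang[$i] : "";
        echo "<tr><td><input type=\"radio\" name=\"level\" value=\"$i\"".$selected."/></td><td>$i (".$label.")</td></tr>";
    }
    echo "</table>";
}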
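// Lets a module run its own admin_init.php before any output, for logged-in
// users of level 3 and above.
if (isset($_GET["module"]) && $Siteman->loginok && $Siteman->userinfo["level"] >= 3) {
    // The module name is request data and ends up in an include() path, so it
    // is used only when it exactly matches a row of the modules table and is
    // a single path component (no separators, not "." or "..").
    $init_module = "";
    if (is_string($_GET["module"]) && is_array($modulelist)) {
        foreach ($modulelist as $known_module) {
            if (isset($known_module["name"]) && (string)$known_module["name"] === $_GET["module"]) {
                $init_module = $_GET["module"];
                break;
            }
        }
    }
    if ($init_module !== "" && $init_module === basename($init_module) && $init_module !== "." && $init_module !== "..") {
        if (file_exists("modules/".$init_module."/admin_init.php")) {
            include("modules/".$init_module."/admin_init.php");
        }
    }
}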
else if ($Siteman->loginok && $Siteman->userinfo["level"] >= 3) {
switch ($do) {
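case "savemenu":
    // Applies the submitted menu form (level 4 only): a row whose action
    // field was submitted empty is deleted, the other submitted rows are
    // updated, and an optional new row is appended.
    if ($Siteman->userinfo["level"] >= 4) {
        // Act only on a POST. Without this check a plain GET of ?do=savemenu
        // finds no action fields, reads every one as empty and deletes the
        // whole menu.
        // NOTE(review): the form carries no anti-CSRF token; add a per-session
        // token to the form and verify it here.
        $is_post = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";
        if ($is_post) {
            $posted_actions = (isset($_POST["action"]) && is_array($_POST["action"])) ? $_POST["action"] : array();
            $posted_texts = (isset($_POST["text"]) && is_array($_POST["text"])) ? $_POST["text"] : array();
            $posted_levels = (isset($_POST["levels"]) && is_array($_POST["levels"])) ? $_POST["levels"] : array();
            $menu = $db->select(array("table" => "menu","db" => "siteman"));
            if (is_array($menu)) {
                foreach ($menu as $lines) {
                    $id = $lines["id"];
                    // A row the form did not include is left untouched.
                    if (!isset($posted_actions[$id]) || !is_string($posted_actions[$id])) {
                        continue;
                    }
                    if (strlen($posted_actions[$id]) == 0) {
                        $db->delete(array("table" => "menu","where" => array("id = $id"),"db" => "siteman"));
                    }
                    else {
                        // The editor offers levels 0 to 4; anything else keeps
                        // the stored level.
                        $row_level = (isset($posted_levels[$id]) && is_numeric($posted_levels[$id])) ? (int)$posted_levels[$id] : (int)$lines["level"];
                        if ($row_level < 0 || $row_level > 4) {
                            $row_level = (int)$lines["level"];
                        }
                        // NOTE(review): stripslashes() assumes magic quotes are
                        // on; without them it removes real backslashes.
                        $row_text = (isset($posted_texts[$id]) && is_string($posted_texts[$id])) ? stripslashes($posted_texts[$id]) : "";
                        $db->update(array("table" => "menu","db" => "siteman","where" => array("id = $id"),"values" => array("level" => $row_level,"text" => $row_text,"action" => $posted_actions[$id])));
                    }
                }
            }
            if (isset($_POST["newaction"]) && is_string($_POST["newaction"]) && strlen($_POST["newaction"]) > 0) {
                $new_level = (isset($_POST["newlevel"]) && is_numeric($_POST["newlevel"])) ? (int)$_POST["newlevel"] : 0;
                if ($new_level < 0 || $new_level > 4) {
                    $new_level = 0;
                }
                $new_text = (isset($_POST["newtext"]) && is_string($_POST["newtext"])) ? stripslashes($_POST["newtext"]) : "";
                $db->insert(array("table" => "menu","db" => "siteman","values" => array("level" => $new_level,"text" => $new_text,"action" => $_POST["newaction"])));
            }
        }
        // Show the menu editor again with the stored state.
        $do = "edmenu";
        $nav_links .= "<b> &gt;&gt; Edit Menu</b>";
    }
    break 1;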
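case "edmenu":
    // Menu editor (level 4 only). With ?insertblank=ID the row with that id
    // becomes a blank "[text]" row and every row from there on is moved one
    // position down; the last row is re-inserted as a new row.
    if ($Siteman->userinfo["level"] >= 4) {
        if (isset($_GET["insertblank"])) {
            // NOTE(review): this changes stored data on a GET request and has
            // no anti-CSRF token; moving it to a POST form with a token would
            // stop it being triggered by a link or an embedded image.
            $ib = $_GET["insertblank"];
            $menu = $db->select(array("table" => "menu","db" => "siteman"));
            // Ids are compared numerically below, so accept only a digit
            // string that names an existing row. Without this, an id that
            // matches no row but is lower than existing ids shifted the rows
            // without writing the blank line, duplicating a row.
            $target_exists = false;
            if (is_string($ib) && preg_match("/^[0-9]+$/", $ib) && is_array($menu)) {
                foreach ($menu as $menu_row) {
                    if ($menu_row["id"] == $ib) {
                        $target_exists = true;
                        break;
                    }
                }
            }
            if ($target_exists) {
                $i = 0;
                // $menu is the snapshot read before any write, so each row is
                // copied from its old values.
                while (isset($menu[$i])) {
                    if ($menu[$i]["id"] == $ib) {
                        $db->update(array("table" => "menu","db" => "siteman","where" => array("id = ".$menu[$i]["id"]),"values" => array("level" => 0,"text" => "","action" => "[text]")));
                    }
                    if ($menu[$i]["id"] >= $ib) {
                        $j = $i+1;
                        if (isset($menu[$j])) {
                            $db->update(array("table" => "menu","db" => "siteman","where" => array("id = ".$menu[$j]["id"]),"values" => array("level" => $menu[$i]["level"],"text" => $menu[$i]["text"],"action" => $menu[$i]["action"])));
                        }
                        else {
                            $db->insert(array("table" => "menu","db" => "siteman","values" => array("level" => $menu[$i]["level"],"text" => $menu[$i]["text"],"action" => $menu[$i]["action"])));
                        }
                    }
                    $i++;
                }
            }
        }
        $nav_links .= "<b> &gt;&gt; Edit Menu</b>";
    }
    break 1;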
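case "mansettings":
    $nav_links .= " &gt;&gt; General Settings";
    break 1;
case "savesettings":
    // Stores the general settings form (level 4 only). If the site identifier
    // changed, the old cookie is cleared and the "chident" page is shown.
    if ($Siteman->userinfo["level"] >= 4) {
        // NOTE(review): the form carries no anti-CSRF token; add a per-session
        // token to the form and verify it here.
        $is_post = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";
        if ($is_post && isset($_POST["short_dateformat"]) && is_string($_POST["short_dateformat"]) && strlen($_POST["short_dateformat"]) > 0) {
            $fields = array("short_dateformat","long_dateformat","identifier","timezone_offset","user_validation","disable_stats","theme","language","module","textarea_width");
            $new = array();
            foreach ($fields as $field) {
                // A missing or non-string field keeps its stored value.
                // NOTE(review): stripslashes() assumes magic quotes are on.
                if (isset($_POST[$field]) && is_string($_POST[$field])) {
                    $new[$field] = stripslashes($_POST[$field]);
                }
                else {
                    $new[$field] = $Siteman->settings[$field];
                }
            }
            // Numeric settings are stored as digit strings: the settings form
            // adds timezone_offset to time(), and the update below selects the
            // row with "user_validation >= 0".
            $new["timezone_offset"] = (string)(int)$new["timezone_offset"];
            $new["textarea_width"] = (string)(int)$new["textarea_width"];
            $new["user_validation"] = $new["user_validation"] ? "1" : "0";
            $new["disable_stats"] = $new["disable_stats"] ? "1" : "0";
            // The theme must name an existing entry directly under themes/
            // (the settings form lists that directory); otherwise keep the
            // current theme.
            if ($new["theme"] !== basename($new["theme"]) || $new["theme"] === "." || $new["theme"] === ".." || !file_exists("themes/".$new["theme"])) {
                $new["theme"] = $Siteman->settings["theme"];
            }
            // A changed identifier becomes a cookie name; the form asks for
            // letters and digits only, so reject anything else.
            if ((string)$new["identifier"] !== (string)$Siteman->settings["identifier"] && !preg_match("/^[A-Za-z0-9]+$/", $new["identifier"])) {
                $new["identifier"] = $Siteman->settings["identifier"];
            }
            if ((string)$new["identifier"] !== (string)$Siteman->settings["identifier"]) {
                // Clear the cookie stored under the old identifier.
                $Siteman->cookie($Siteman->settings["identifier"],"");
                $do = "chident";
            }
            foreach ($new as $field => $value) {
                $Siteman->settings[$field] = $value;
            }
            $db->update(array("table" => "settings","values" => $new,"where" => array("user_validation >= 0")));
            // Fixed: this compared $do with the undefined variable $chident,
            // so $do was always reset and the re-login page was never shown.
            if ($do != "chident") {
                $do = "mansettings";
            }
            $nav_links .= " &gt;&gt; General Settings";
        }
    }
    break 1;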
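case "manmod":
    $nav_links .= "<b> &gt;&gt; Manage Modules</b>";
    break 1;
case "savemod":
    // Stores the title and access level submitted for each installed module
    // (level 4 only), then shows the module list again.
    if ($Siteman->userinfo["level"] >= 4) {
        // NOTE(review): the form carries no anti-CSRF token; add a per-session
        // token to the form and verify it here.
        $is_post = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";
        $modules = $is_post ? $db->select(array("table" => "modules","db" => "siteman")) : array();
        if (is_array($modules)) {
            foreach ($modules as $mod) {
                $name = $mod["name"];
                $title = "title_".$name;
                $level = "level_".$name;
                if (isset($_POST[$title]) && is_string($_POST[$title])) {
                    // The form offers levels 1 to 4; anything else keeps the
                    // stored level.
                    $mod_level = (isset($_POST[$level]) && is_numeric($_POST[$level])) ? (int)$_POST[$level] : (int)$mod["level"];
                    if ($mod_level < 1 || $mod_level > 4) {
                        $mod_level = (int)$mod["level"];
                    }
                    // NOTE(review): stripslashes() assumes magic quotes are on.
                    $newvals = array("title" => stripslashes($_POST[$title]),"level" => $mod_level);
                    // $name comes from the modules table, not from the request.
                    $db->update(array("table" => "modules","db" => "siteman","values" => $newvals,"where" => array("name = $name")));
                }
            }
        }
        $nav_links .= "<b> &gt;&gt; Manage Modules</b>";
        $do = "manmod";
    }
    break 1;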
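case "uninsmod":
    if ($Siteman->userinfo["level"] >= 4) {
        $nav_links .= "<b> &gt;&gt; <a href=\"admin.php?do=manmod\" class=\"bright\">Manage Modules</a> &gt;&gt; Uninstall module</b>";
    }
    break 1;
case "yesuninsmodule":
    // Uninstalls the module named in ?mod= (level 4 only): runs the module's
    // install.php with $mode = "uninstall" if that file exists, then removes
    // the module's row.
    if ($Siteman->userinfo["level"] >= 4) {
        $requested_mod = (isset($_GET["mod"]) && is_string($_GET["mod"])) ? $_GET["mod"] : "";
        $is_post = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";
        if (!$is_post) {
            // The confirmation form submits with POST. Any other method shows
            // the confirmation page instead of uninstalling.
            // NOTE(review): a method check is not a CSRF defence; add a
            // per-session token to the confirmation form and verify it here.
            $do = "uninsmod";
        }
        else {
            // The name is request data and ends up in an include() path and a
            // delete, so use it only when it exactly matches a row of the
            // modules table.
            $module = "";
            $installed_rows = $db->select(array("table" => "modules","db" => "siteman"));
            if (is_array($installed_rows)) {
                foreach ($installed_rows as $installed_row) {
                    if (isset($installed_row["name"]) && (string)$installed_row["name"] === $requested_mod) {
                        $module = $requested_mod;
                        break;
                    }
                }
            }
            if ($module !== "") {
                // Include the uninstall script only for a single path
                // component (no separators, not "." or "..").
                $is_single_component = ($module === basename($module) && $module !== "." && $module !== "..");
                if ($is_single_component && file_exists("modules/$module/install.php")) {
                    $mode = "uninstall";
                    include("modules/$module/install.php");
                }
                $db->delete(array("table" => "modules","db" => "siteman","where" => array("name = $module")));
            }
            $do = "manmod";
        }
    }
    break 1;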
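case "insmod":
    // Installs the module folder named in ?mod= (level 4 only): runs its
    // install.php with $mode = "install" if that file exists, then adds a row
    // to the modules table with the folder name as title and level 1.
    if ($Siteman->userinfo["level"] >= 4) {
        // NOTE(review): this changes stored data and runs module code on a GET
        // request with no anti-CSRF token; moving it to a POST form with a
        // token would stop it being triggered by a link or an embedded image.
        $requested_mod = (isset($_GET["mod"]) && is_string($_GET["mod"])) ? $_GET["mod"] : "";
        $module = "";
        // The name ends up in an include() path: accept only a single path
        // component that is an existing folder directly under modules/.
        if ($requested_mod !== "" && $requested_mod === basename($requested_mod) && $requested_mod !== "." && $requested_mod !== ".." && strpos($requested_mod, "\0") === false && is_dir("modules/".$requested_mod)) {
            $module = $requested_mod;
        }
        if ($module !== "") {
            // Installed means a row with this exact name exists; the request
            // value is compared in PHP rather than placed in a where-clause.
            $already_installed = false;
            $installed_rows = $db->select(array("table" => "modules","db" => "siteman"));
            if (is_array($installed_rows)) {
                foreach ($installed_rows as $installed_row) {
                    if (isset($installed_row["name"]) && (string)$installed_row["name"] === $module) {
                        $already_installed = true;
                        break;
                    }
                }
            }
            if (!$already_installed) {
                if (file_exists("modules/$module/install.php")) {
                    $mode = "install";
                    include("modules/$module/install.php");
                }
                $db->insert(array("table" => "modules","db" => "siteman","values" => array("name" => $module,"title" => $module,"level" => 1)));
            }
        }
        $do = "manmod";
    }
    break 1;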
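case "banip":
    if ($Siteman->userinfo["level"] >= 4) {
        $nav_links .= "<b> &gt;&gt; Ban IP-adress</b>";
    }
    break 1;
case "saveipban":
    // Stores the ban list form (level 4 only): removes ticked entries,
    // updates the reason of the others and adds an optional new address.
    // Addresses are stored as eight lower-case hex digits, two per octet.
    if ($Siteman->userinfo["level"] >= 4) {
        // NOTE(review): the form carries no anti-CSRF token; add a per-session
        // token to the form and verify it here.
        $is_post = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";
        if ($is_post) {
            $ips = $db->select(array("table" => "banned","db" => "siteman"));
            $exist = array();
            if (is_array($ips) && isset($ips[0]["ip"]) && strlen($ips[0]["ip"]) > 0) {
                foreach ($ips as $ip) {
                    $ipadress = $ip["ip"];
                    $remove = "remove_".$ipadress;
                    $reason = "reason_".$ipadress;
                    $exist[$ipadress] = 1;
                    if (isset($_POST[$remove]) && $_POST[$remove] == 1) {
                        $db->delete(array("table" => "banned","where" => array("ip = ".$ipadress)));
                    }
                    else if (isset($_POST[$reason]) && is_string($_POST[$reason])) {
                        // An entry the form did not include keeps its reason.
                        $db->update(array("table" => "banned","where" => array("ip = ".$ipadress),"values" => array("reason" => stripslashes($_POST[$reason]))));
                    }
                }
            }
            $candidate = (isset($_POST["newip"]) && is_string($_POST["newip"])) ? trim($_POST["newip"]) : "";
            // Accept only a dotted quad of decimal octets from 0 to 255.
            // Before this check any text with three dots was run through
            // dechex(), which could store an entry that is not eight hex
            // digits.
            if (preg_match("/^([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})$/", $candidate, $octets)) {
                $newip = "";
                for ($n = 1; $n <= 4; $n++) {
                    if ((int)$octets[$n] > 255) {
                        $newip = "";
                        break;
                    }
                    $newip .= sprintf("%02x", (int)$octets[$n]);
                }
                if (strlen($newip) == 8 && !isset($exist[$newip])) {
                    $new_reason = (isset($_POST["newreason"]) && is_string($_POST["newreason"])) ? stripslashes($_POST["newreason"]) : "";
                    $db->insert(array("table" => "banned","values" => array("ip" => $newip,"reason" => $new_reason)));
                }
            }
        }
        $nav_links .= "<b> &gt;&gt; Ban IP-adress &gt;&gt; List Saved</b>";
        $do = "banip";
    }
    break 1;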
}
}
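// Page head, breadcrumb row and left-hand menu. The attribute quotes inside
// the string literals are escaped so the statements parse.
// $nav_links is HTML assembled earlier in this file and is printed as-is, so
// every value appended to it must already be escaped.
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html>
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />
<meta name=\"robots\" content=\"nofollow\" />
<title>Siteman 2 Control Panel</title>
<link rel=\"stylesheet\" type=\"text/css\" href=\"themes/standard/admin_style.css\" />
</head>
<body>
<br />
<table cellspacing=\"1\" cellpadding=\"3\" width=\"95%\" align=\"center\">
<tr><td class=\"black\" colspan=\"2\" background=\"themes/standard/admin.gif\">$nav_links</td></tr>
<tr><td width=\"17%\" class=\"middark\" valign=\"top\">
<table cellspacing=\"0\" cellpadding=\"2\" width=\"100%\">";
// The menu is drawn only for users of level 3 and above.
if ($Siteman->userinfo["level"] >= 3) {
    echo "<tr><td class=\"dark\"><b>General</b></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?action=logout\">Log Out</a></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=manmod\">Manage modules</a></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=manlang\">Manage Language files</a></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=manthemes\">Manage Themes</a></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=mansettings\">General settings</a></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=edmenu\">Edit Menu</a></td></tr>
<tr><td class=\"dark\"><b>Security</b></td></tr>
<tr><td class=\"middark\"><a href=\"admin.php?do=banip\">Ban IP-adress</a></td></tr>
<tr><td class=\"dark\"><b>Modules</b></td></tr>";
    if (is_array($modulelist)) {
        foreach ($modulelist as $mod) {
            // Module names are stored data: URL-encode them in the link and
            // HTML-escape them in the label.
            echo "<tr><td class=\"middark\"><a href=\"admin.php?module=".urlencode($mod["name"])."\">".htmlspecialchars($mod["name"], ENT_QUOTES, "ISO-8859-1")."</a></td></tr>";
        }
    }
}
echo "<tr><td class=\"middark\">&nbsp;</td></tr>
<tr><td background=\"themes/standard/admin.gif\" align=\"center\"><a href=\"index.php\" target=\"_blank\" class=\"bright\"><b>Go to site</b></a></td></tr></table></td><td width=\"83%\" valign=\"top\">";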
if ($Siteman->userinfo["level"] >= 3) {
switch ($do) {
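case "module":
    // Hands the content area to the selected module's own admin.php.
    // $moduleinfo is the modules-table row looked up earlier in this file.
    // The include runs only when a row was found, its name is a single path
    // component and the file exists; otherwise the path would be built from
    // an empty or unexpected name.
    if (isset($moduleinfo[0]["name"])) {
        $admin_module = (string)$moduleinfo[0]["name"];
        if ($admin_module !== "" && $admin_module === basename($admin_module) && $admin_module !== "." && $admin_module !== ".." && file_exists("modules/".$admin_module."/admin.php")) {
            include("modules/".$admin_module."/admin.php");
        }
    }
    break 1;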
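case "edmenu":
    // Draws the menu editor form (level 4 only): one row per stored menu item
    // plus an empty "New Line" row.
    if ($Siteman->userinfo["level"] >= 4) {
        $menu = $db->select(array("table" => "menu","db" => "siteman"));
        $levels = array(0 => "All users",1 => "Guests",2 => "Members",3 => "Authors",4 => "Admins");
        echo "<b><big>Edit the menu.</big></b><br /><br />
You can select which member level that is required to see each menu item. In the 'text' column, write the text that shall be shown, and in the right column write what that menu item shall be. You can use the following codes in the action column:<br />
<table cellspacing=\"0\" cellpadding=\"2\"><tr><td>code</td><td>Does what?</td></tr>
<tr><td>any URL</td><td>the item is displayed as a link to the given URL</td></tr>
<tr><td>[module:modulename]</td><td>The item is displayed as a link to the module with name modulename, e.g. downloads, news, guestbook etc.</td></tr>
<tr><td>[module:pages:pagename]</td><td>The item is displayed as a link to the page with name pagename created in the 'pages' module</td></tr>
<tr><td>[text]</td><td>The item is displayed as plain text. to insert a blank line, use this and write &nbsp; in the text field.</td></tr>
<tr><td>[line]</td><td>Displays a horizontal line</td></tr>
<tr><td>[members]</td><td>Shows the login form if the user is not loged in, or the members links if the user is loged in</td></tr></table><br /><br />
Note: If the action field is left empty, that item is deleted when saving.<br />
<form action=\"admin.php?do=savemenu\" method=\"post\">
<table cellspacing=\"0\" cellpadding=\"1\"><tr><td></td><td>Level</td><td>Text</td><td>Action</td></tr>";
        if (is_array($menu)) {
            foreach ($menu as $lines) {
                // Stored text and action are escaped for the attribute
                // context; a double quote or markup in them would otherwise
                // break out of the value attribute.
                $row_id = htmlspecialchars($lines["id"], ENT_QUOTES, "ISO-8859-1");
                $row_text = htmlspecialchars($lines["text"], ENT_QUOTES, "ISO-8859-1");
                $row_action = htmlspecialchars($lines["action"], ENT_QUOTES, "ISO-8859-1");
                echo "<tr><td><a href=\"admin.php?do=edmenu&amp;insertblank=".urlencode($lines["id"])."\">Insert blank before</a></td><td><select name=\"levels[".$row_id."]\">";
                for ($i = 0; $i <= 4; $i++) {
                    $selected = ($i == $lines["level"]) ? " selected" : "";
                    echo "<option value=\"$i\"".$selected.">$i ($levels[$i])</option>";
                }
                echo "</select></td><td><input type=\"text\" name=\"text[".$row_id."]\" size=\"30\" value=\"".$row_text."\" /></td>
<td><input type=\"text\" name=\"action[".$row_id."]\" size=\"30\" value=\"".$row_action."\" /></td></tr>";
            }
        }
        echo "<tr><td>New Line</td><td><select name=\"newlevel\">";
        for ($i = 0; $i <= 4; $i++) {
            echo "<option value=\"$i\">$i ($levels[$i])</option>";
        }
        // The closing </form> was missing.
        echo "</select></td><td><input type=\"text\" name=\"newtext\" size=\"30\" /></td>
<td><input type=\"text\" name=\"newaction\" size=\"30\" /></td></tr>
<tr><td colspan=\"4\" align=\"right\"><input type=\"submit\" value=\"Save Menu\" /></td></tr></table></form>";
    }
    break 1;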
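case "mansettings":
    // Draws the general settings form (level 4 only), pre-filled from
    // $Siteman->settings. Every stored value is HTML-escaped before it is
    // placed in an attribute or in text.
    if ($Siteman->userinfo["level"] >= 4) {
        // The page is served as ISO-8859-1, so escape with that charset.
        $charset = "ISO-8859-1";
        $settings = $Siteman->settings;
        // Cast so that a non-numeric stored offset cannot break the addition.
        $tz_offset = (int)$settings["timezone_offset"];
        $server_time = htmlspecialchars(date($settings["long_dateformat"]), ENT_QUOTES, $charset);
        $local_time = htmlspecialchars(date($settings["long_dateformat"], time() + $tz_offset), ENT_QUOTES, $charset);
        $yes_validation = $settings["user_validation"] ? " checked" : "";
        $no_validation = $settings["user_validation"] ? "" : " checked";
        $yes_nostats = $settings["disable_stats"] ? " checked" : "";
        $no_nostats = $settings["disable_stats"] ? "" : " checked";
        echo "These are the global settings that affects all parts of the site.<br /><br />
<form action=\"admin.php?do=savesettings\" method=\"post\">
<table cellspacing=\"0\" cellpadding=\"2\">
<tr><td><b>Short Dateformat</b><br />The format used for representing dates briefly, usually including only day of month, month and year. Here you can use the same symbols as in the php date() function. To see a list of available symbols, see <a href=\"http://no.php.net/manual/en/function.date.php\" target=\"_blank\">Info about the date function</a> at php.net.</td>
<td><input type=\"text\" name=\"short_dateformat\" size=\"40\" value=\"".htmlspecialchars($settings["short_dateformat"], ENT_QUOTES, $charset)."\" /></td></tr>
<tr><td><b>Long Dateformat</b><br />Mostly same function as the short dateformat, but also including the time of day</td>
<td><input type=\"text\" name=\"long_dateformat\" size=\"40\" value=\"".htmlspecialchars($settings["long_dateformat"], ENT_QUOTES, $charset)."\" /></td></tr>
<tr><td><b>Timezone offset</b><br />If the server is placed in a different timezone than you and your users, you can change this value so that the times and dates recorded are displayed correctly. Currently, the clock at the server is ".$server_time.", while the corrected time based on your timezone offset settings is ".$local_time.". The value entered is the correction in seconds, and you can enter a negative value.</td>
<td><input type=\"text\" name=\"timezone_offset\" size=\"40\" value=\"".htmlspecialchars($settings["timezone_offset"], ENT_QUOTES, $charset)."\" /></td></tr>
<tr><td><b>User Validation</b><br />If set to yes, all user registrations must be validated by an admin before they are activated.</td>
<td><table cellspacing=\"0\" cellpadding=\"1\"><tr><td><input type=\"radio\" name=\"user_validation\" value=\"1\"".$yes_validation." /></td><td>Yes </td><td><input type=\"radio\" name=\"user_validation\" value=\"0\"".$no_validation." /></td><td>No</td></tr></table></td></tr>
<tr><td><b>Site Identifier</b><br />Choose a unique word that will be used in the cookies stored on your users' browsers. It should only contain letters and numbers (a-z, 0-9), and does not have to be a meaningful/descriptive word.</td>
<td><input type=\"text\" name=\"identifier\" size=\"40\" value=\"".htmlspecialchars($settings["identifier"], ENT_QUOTES, $charset)."\" /></td></tr>
<tr><td><b>Disable Stats?</b><br />If you have a lot of traffic and are tight on server space, you might want to disable stats to save diskspace. Also see the stats section to delete all stats recorded.</td>
<td><table cellspacing=\"0\" cellpadding=\"1\"><tr><td><input type=\"radio\" name=\"disable_stats\" value=\"1\"".$yes_nostats." /></td><td>Yes </td><td><input type=\"radio\" name=\"disable_stats\" value=\"0\"".$no_nostats." /></td><td>No</td></tr></table></td></tr>
<tr><td><b>Default theme</b><br />Choose which theme that shall be used as default.</td>
<td><select name=\"theme\">";
        // One option per entry of the themes directory; skipped if the
        // directory cannot be opened.
        $dp = opendir("themes");
        if ($dp) {
            while (($file = readdir($dp)) !== FALSE) {
                if ($file != "." && $file != "..") {
                    $selected = ($file == $settings["theme"]) ? " selected" : "";
                    $file_html = htmlspecialchars($file, ENT_QUOTES, $charset);
                    echo "<option value=\"".$file_html."\"".$selected.">".$file_html."</option>";
                }
            }
            closedir($dp);
        }
        $langs = $db->showtables(array("db" => "language"));
        echo "</select></td></tr>
<tr><td><b>Default Language</b><br />Choose the default display language for the site. If some words are missing in the selected language, english words will be used instead.</td>
<td><select name=\"language\">";
        if (is_array($langs)) {
            foreach ($langs as $lang) {
                // Fixed: the option printed the misspelled, undefined variable
                // $seleced, so the current language was never pre-selected.
                $selected = ($lang == $settings["language"]) ? " selected" : "";
                $lang_html = htmlspecialchars($lang, ENT_QUOTES, $charset);
                echo "<option value=\"".$lang_html."\"".$selected.">".$lang_html."</option>";
            }
        }
        $modules = $db->select(array("table" => "modules","db" => "siteman"));
        // Fixed: the list was closed with </selected> instead of </select>.
        echo "</select></td></tr>
<tr><td><b>Default Module</b><br />The module that shall be shown if no module is specified. It is recommended to use the pages module.</td>
<td><select name=\"module\">";
        if (is_array($modules)) {
            foreach ($modules as $mods) {
                $selected = ($mods["name"] == $settings["module"]) ? " selected" : "";
                $mod_name_html = htmlspecialchars($mods["name"], ENT_QUOTES, $charset);
                echo "<option value=\"".$mod_name_html."\"".$selected.">".$mod_name_html." (".htmlspecialchars($mods["title"], ENT_QUOTES, $charset).")</option>";
            }
        }
        echo "</select></td></tr>
<tr><td><b>Textarea width</b><br />The width (in characters) of textarea fields in the Admin CP can be changed for your convenience.</td>
<td><input type=\"text\" name=\"textarea_width\" value=\"".htmlspecialchars($settings["textarea_width"], ENT_QUOTES, $charset)."\" size=\"40\" /></td></tr>
<tr><td></td><td><input type=\"submit\" value=\"Save settings\" /></td></tr></table></form>";
    }
    break 1;
case "chident":
    // Shown after the site identifier was changed: ends the session and asks
    // the user to log in again.
    echo "Settings saved.<br />The Site identifier was changed. please login again.";
    $Siteman->logout();
    $Siteman->show_loginbox();
    break 1;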
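case "manmod":
    // Draws the module manager (level 4 only): a form with title and level
    // for each installed module, then the folders under modules/ that have
    // no row in the modules table.
    if ($Siteman->userinfo["level"] >= 4) {
        $charset = "ISO-8859-1";
        $modules = $db->select(array("table" => "modules","db" => "siteman"));
        $levels = array("","Guests","Members","Authors","Admins");
        $installed = array();
        // $module is set by the uninstall handler earlier in this file and
        // originates from the query string, so it is escaped before printing.
        if (isset($_GET["do"]) && $_GET["do"] == "yesuninsmodule" && isset($module) && is_string($module) && $module !== "") {
            echo "<b>Module ".htmlspecialchars($module, ENT_QUOTES, $charset)." was uninstalled.</b><br /><br />";
        }
        echo "In this section you manage how Siteman shall handle the different modules installed on your site. To use the administrative features of each module, use the links under 'modules' in the menu to the left.<br /><br />
All modules should be stored in their own folder under the 'modules' subfolder. The name of the folder will be the name of the module that will be used in URLs, and they should preferably contain only letters a-z, numbers 0-9 and dash (-)/underscore(_).<br />
The title is the text that is shown in the heading field, and could contain any character, as well as HTML.<br />
<br />You can set the level that is needed to access each module. Modules that have not yet been installed are accessible by using the url index.php?module=modulename, but only admins can access them.<br />
If you want to delete a module, you <b>should</b> click the 'uninstall' link here <u>before</u> you delete the files.<br /><br /><br />
<b>Installed modules</b><br />
<form action=\"admin.php?do=savemod\" method=\"post\">
<table cellspacing=\"1\" cellpadding=\"2\"><tr><td>Name</td><td>Title</td><td>Level</td><td>Actions</td></tr>";
        if (is_array($modules)) {
            foreach ($modules as $mod) {
                $nm = $mod["name"];
                $installed[$nm] = 1;
                // A title may contain HTML, so it must be escaped to stay
                // inside the value attribute; names are escaped as well.
                $name_html = htmlspecialchars($nm, ENT_QUOTES, $charset);
                $title_html = htmlspecialchars($mod["title"], ENT_QUOTES, $charset);
                echo "<tr><td>".$name_html."</td><td><input type=\"text\" name=\"title_".$name_html."\" size=\"25\" value=\"".$title_html."\" /></td><td><select name=\"level_".$name_html."\">";
                for ($i = 1; $i <= 4; $i++) {
                    $selected = ($i == $mod["level"]) ? " selected" : "";
                    echo "<option value=\"$i\"".$selected.">$i ($levels[$i])</option>";
                }
                echo "</select></td><td><a href=\"admin.php?do=uninsmod&amp;mod=".urlencode($nm)."\">Uninstall</a></td></tr>";
            }
        }
        echo "<tr><td colspan=\"4\" align=\"right\"><input type=\"submit\" value=\"Save module settings\" /></td></tr></table></form><br /><br />
<b>Not Installed Modules</b><br />
<table cellspacing=\"0\" cellpadding=\"2\"><tr><td>Name</td><td>Action</td></tr>";
        // Folder names come from the file system: HTML-escape the label and
        // URL-encode the link. Skipped if the directory cannot be opened.
        $dp = opendir("modules/");
        if ($dp) {
            while (($file = readdir($dp)) !== FALSE) {
                if ($file != "." && $file != ".." && !isset($installed[$file])) {
                    echo "<tr><td>".htmlspecialchars($file, ENT_QUOTES, $charset)."</td><td><a href=\"admin.php?do=insmod&amp;mod=".urlencode($file)."\">Install</a></td></tr>";
                }
            }
            closedir($dp);
        }
        echo "</table>";
    }
    break 1;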
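case "uninsmod":
    // Asks for confirmation before uninstalling the module named in ?mod=
    // (level 4 only). "Yes" posts to do=yesuninsmodule, "No" returns to the
    // module list.
    if ($Siteman->userinfo["level"] >= 4) {
        $module = (isset($_GET["mod"]) && is_string($_GET["mod"])) ? $_GET["mod"] : "";
        // The name is request data: HTML-escape it in the question and
        // URL-encode it in the form action so it cannot inject markup.
        $module_html = htmlspecialchars($module, ENT_QUOTES, "ISO-8859-1");
        echo "<br /><br />Are you sure you want to delete the module ".$module_html."?<br /><br />
<table cellspacing=\"0\" cellpadding=\"2\"><tr><td><form action=\"admin.php?do=yesuninsmodule&amp;mod=".urlencode($module)."\" method=\"post\"><input type=\"submit\" value=\"Yes\" /></form></td>
<td>&nbsp;</td>
<td><form action=\"admin.php?do=manmod\" method=\"post\"><input type=\"submit\" value=\"No\" /></form></td></tr></table>";
    }
    break 1;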
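case "banip":
    // Draws the ban list form (level 4 only): one row per banned address
    // with a remove checkbox, the reason and the stored reply, plus a row
    // for a new address.
    if ($Siteman->userinfo["level"] >= 4) {
        $charset = "ISO-8859-1";
        echo "Use this section to deny specific IP-adresses access to the site. Users with blocked IP-adresses will get a message saying why they are blocked, and have the ability to submit a complain of up to 500 characters.<br /><br />
<b>Note:</b> Only numerical (e.g. 127.0.0.1) IP-adresses can be blocked (not domains or hostmasks)<br /><br />
<b>Blocked Adresses</b><br />
<form action=\"admin.php?do=saveipban\" method=\"post\">
<table cellspacing=\"0\" cellpadding=\"3\">
<tr><td>Remove from list</td><td>IP</td><td>Reason</td><td>Reply (not editable)</td></tr>";
        $ips = $db->select(array("table" => "banned"));
        if (is_array($ips) && isset($ips[0]["ip"]) && strlen($ips[0]["ip"]) > 0) {
            foreach ($ips as $ip) {
                // Stored form is eight hex digits; decode two per octet.
                $ipadress = hexdec(substr($ip["ip"],0,2)) . "." . hexdec(substr($ip["ip"],2,2)) . "." . hexdec(substr($ip["ip"],4,2)) . "." . hexdec(substr($ip["ip"],6,2));
                $ip_key = htmlspecialchars($ip["ip"], ENT_QUOTES, $charset);
                echo "<tr><td align=\"center\"><input type=\"checkbox\" value=\"1\" name=\"remove_".$ip_key."\" /></td><td>$ipadress</td><td><input type=\"text\" name=\"reason_".$ip_key."\" size=\"25\" value=\"".htmlspecialchars($ip["reason"], ENT_QUOTES, $charset)."\" /></td><td>";
                if (isset($ip["reply"]) && strlen($ip["reply"]) > 0) {
                    // The reply appears to be the complaint text a blocked
                    // visitor can submit (see the help text above), so it is
                    // untrusted and must be escaped; unescaped, a
                    // "</textarea>" in it would inject markup into the admin
                    // page.
                    echo "<textarea rows=\"3\" cols=\"30\">".htmlspecialchars($ip["reply"], ENT_QUOTES, $charset)."</textarea>";
                }
                echo "</td></tr>";
            }
        }
        echo "<tr><td>New</td><td><input type=\"text\" name=\"newip\" size=\"15\" /></td><td><input type=\"text\" name=\"newreason\" size=\"25\" /></td><td></td></tr>
<tr><td colspan=\"4\" align=\"right\"><input type=\"submit\" value=\"Save List\" /></td></tr></table></form>";
    }
    break 1;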
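default:
    // Start page: prints the PHP version, OS string, server API and server
    // software.
    // NOTE(review): this is shown to every user of level 3 and above, while
    // the other admin pages require level 4; consider the same limit here,
    // since version details help when profiling a server.
    $server_software = isset($_SERVER["SERVER_SOFTWARE"]) ? $_SERVER["SERVER_SOFTWARE"] : "";
    echo "<b>Quick Siteman Diagnostics</b><br /><br />
PHP version: " . htmlspecialchars(phpversion(), ENT_QUOTES, "ISO-8859-1") . "<br />
Server OS: " . htmlspecialchars(php_uname(), ENT_QUOTES, "ISO-8859-1") . "<br />
Server API: " . htmlspecialchars(php_sapi_name(), ENT_QUOTES, "ISO-8859-1") . "<br />
Server Software: ". htmlspecialchars($server_software, ENT_QUOTES, "ISO-8859-1");
    break 1;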
}
}
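// Visitors who are not logged in get the login form in the content area.
if (!$Siteman->loginok) {
    $Siteman->show_loginbox(0,"admin.php");
}
// Close the layout table and the page, then release the database.
// The attribute quotes are escaped so the string literal parses.
echo "</td></tr>
<tr><td colspan=\"2\" align=\"center\">Generation time: ".$Siteman->get_loadtime()." seconds</td></tr></table>
</body>
</html>";
$db->disconnect();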
?>